<?php

require_once (HOME . '/include/base/BackendController.php');
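/**
 * Back-office controller: admin landing page, login and logout.
 *
 * Relies on helpers that are not defined in this file (spClass, spUrl,
 * spArgs, _check_post, assign/display, error/success, IS_POST) and on the
 * BackendController base class.
 */
class admin extends BackendController {
	// Login form fields (credentials and captcha).
	private $name;
	private $password;
	private $verify_code;
	private $username;

	// Employee model, used to verify credentials.
	private $mod_employee;

	/**
	 * Run the base controller's old-style constructor, then load the model.
	 */
	public function __construct() {
		parent::BackendController ();
		$this->admin ();
	}

	/**
	 * Load the employee model. Called from the constructor.
	 */
	public function admin() {
		$this->mod_employee = spClass('m_employee');
	}

	/**
	 * Admin home page.
	 *
	 * NOTE(review): no authentication check is visible in this action; the
	 * call to check() below has been commented out. Unless BackendController
	 * already rejects requests without $_SESSION['user'], this page renders
	 * for unauthenticated visitors. Confirm where the gate lives.
	 */
	public function index() {
		$this->assign('action', 'index');
		$this->display('admin.layout.html');

// 		if ($this->check ()) {
// 		} else {
// 			// TODO show the admin login page
// 		}
	}

	/**
	 * Unimplemented stub: both branches are empty and nothing is returned
	 * (null). It performs no access control yet.
	 */
	public function check() {
		if (! IS_POST) {
			// TODO throw exception
		} else {
			// check admin
			// TODO write session
		}
	}

	/**
	 * End the session and redirect to the login page.
	 */
	public function logout() {
		// Drop the session data held in memory as well as the stored copy.
		$_SESSION = array();

		// Expire the session cookie so the browser stops presenting the old id.
		if (ini_get('session.use_cookies')) {
			$params = session_get_cookie_params();
			setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
		}

		session_destroy();

		// The original passed spUrl() as header()'s second argument ($replace),
		// which sent an empty Location header. Concatenate the target instead.
		header('Location: ' . spUrl('admin', 'login'));
		// Stop here so nothing further is rendered after the redirect.
		exit;
	}

	/**
	 * Show the login form (GET) or process a login attempt (POST).
	 *
	 * On POST the order is: required fields, captcha, credentials. Every
	 * failure path returns straight after reporting the error, so a later
	 * check never runs on missing input even if error() does not terminate
	 * the request (its behaviour is not visible from this file).
	 */
	public function login() {
		$this->tpl_title = "后台管理";

		if (! IS_POST) {
			$this->display ( 'admin.login.html' );
			return;
		}

		// Required fields.
		if (FALSE == $this->_check_post(array('username','password','verifyCode')) ) {
			$this->error ( "您有必填项未填写", spUrl ( 'admin', 'login' ) );
			return;
		}
		$this->username = $this->spArgs ( 'username' );
		$this->password = $this->spArgs ( 'password' );
		$this->verify_code = $this->spArgs ( 'verifyCode' );

		// Captcha: single use. Read the expected value, then clear it before
		// comparing so one solved captcha cannot be replayed across attempts.
		// Presumably the login page issues a fresh one - confirm.
		$expected = isset($_SESSION ['captcha']) ? (string) $_SESSION ['captcha'] : '';
		$_SESSION ['captcha'] = '';
		// Strict string comparison: loose != treats numeric strings such as
		// "0123" and "123" as equal. An empty expected value never matches.
		if ($expected === '' || ! is_string($this->verify_code) || $this->verify_code !== $expected) {
			$this->error ( "验证码错误！", spUrl ( "admin", "login" ) );
			return;
		}

		// NOTE(review): the password reaches check_user() as submitted; hashing
		// and comparison are assumed to happen inside the model - confirm.
		if ($this->mod_employee->check_user ( $this->username, $this->password )) {
			// TODO after login: 1. update the last-login time, 2. decide whether
			// the user is staff, admin or an ordinary member, 3. update cookies.

			// Issue a new session id at the privilege change so an id that was
			// fixed before authentication is not carried into the admin session.
			session_regenerate_id(true);
			$_SESSION['user'] = $this->username;

			$this->success ( "登录成功，欢迎您，管理员！", spUrl ( "admin", "index" ) );
		} else {
			// TODO failed-login handling (for example logging and throttling).
			$this->error ( "错误的用户名和密码！", spUrl ( "admin", "login" ) );
		}
	}
}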
?>